Checkmarx / red-liliLinks
This open-source project tracks RED-LILI's activity over time as there are evidence the actor is still active. All information provided here is intended for research purposes.
☆11Updated 2 years ago
Alternatives and similar repositories for red-lili
Users that are interested in red-lili are comparing it to the libraries listed below
Sorting:
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 5 years ago
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated 2 years ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆23Updated 4 years ago
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂☆98Updated last month
- Static Token And Credential Scanner☆95Updated 2 years ago
- Mitigate security concerns of Dependency Confusion supply chain security risks☆51Updated 3 weeks ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆106Updated last year
- Dependency Combobulator☆95Updated 2 years ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆141Updated 2 years ago
- ☆114Updated 2 years ago
- Maturity Model Collaborative project☆15Updated 2 years ago
- Purposely vulnerable Java application to help lead secure coding workshops☆191Updated last year
- My collection of Semgrep rules for vulnerability detection on source code (swift, java, cobol)☆41Updated 2 months ago
- PyPI malware packages☆59Updated 7 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆82Updated 3 years ago
- A list of queries and actions that I repeat over and over again☆65Updated 5 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆160Updated last year
- A collection of my Semgrep rules☆51Updated 2 years ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆35Updated 2 weeks ago
- Damn Vulnerable Java (EE) Application☆144Updated 2 years ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…☆135Updated last week
- Monorepo of Labs for the Security Knowledge Framework (SKF)☆42Updated 7 months ago
- a shared short domain for XSS and other hacks☆32Updated 3 years ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆83Updated last year
- Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.☆24Updated 3 years ago
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm…☆20Updated 2 years ago
- LLM Testing Findings Templates☆75Updated last year
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Updated last year
- An extension to use Semgrep inside Burp Suite.☆89Updated 8 months ago
- AWS Security Checks☆40Updated 8 years ago